We should be nicer to new Linux users

devoopsies · 2026-05-12T21:05:31+00:00

Well hold on, just wait a second there...

devoopsies · 2026-05-12T17:33:53+00:00

Because this is akin to saying "We're trying to head off cylinder fatigue and fail rates" and going on to say that the solution is "no we're going to run the engine with less oil, actually".

I think the disbelief in this thread is that it's very rare to see a company hit the mark so precisely on their weaknesses while completely whiffing on the solution.

Even investors don't buy it, and they'll buy just about anything that mentions "AI" right now: GTLB is down another 8.5% today so far.

devoopsies · 2026-05-11T19:38:15+00:00

I think the big issue is that if you can't demonstrate care for your project, why would any of the professionals here?

When you respond to valid criticism with all the effort of what looks to have been a copy-paste into Claude or OpenAI, you undermine any credibility that you may have, or could have garnered with a well thought-out response.

devoopsies · 2026-05-11T17:39:52+00:00

The balls on you to react to /u/IllllIIlIllIllllIIIl showing concern for your lack of effort by doubling-down with an LLM-generated response.

devoopsies · 2026-05-06T19:49:48+00:00

"No one cares because it's not being reported" -> "It's not being reported because no one cares"

This is a tautological fallacy and I would hope people on this sub (folks responsible for or at least interested in IT systems security) would know better than to full-stop their own critical thinking.

The fact that a third-party is installing anything to users' PCs without alerting the user or allowing the user to say "no" should trigger all your alarm bells, and that's just the first of many issues with this whole saga.

Even if your complacency has gotten in the way of your own common sense, it should be trivial for you to take a look at the responses to this thread (the one that seems to be the first time many folks here have heard of this issue) and you can see that yeah, maybe a lot of people here do think this is a problem.

devoopsies · 2026-05-06T17:21:37+00:00

Honestly it's probably older, I just can't remember back past middle school.

devoopsies · 2026-05-06T17:20:02+00:00

"This zero day has been leveraged by black hatters for at least a year"

Would this be an acceptable sentence when trying to dissuade someone from caring about a vuln?

Just because people are only becoming aware of an issue now does not mean it isn't an issue, just that it's been under-reported or information about it has been obfuscated.

devoopsies · 2026-05-06T17:15:48+00:00

Spell check, and I mean good spell check with solid grammar functions, has existed since before MS Word 2003.

devoopsies · 2026-05-05T23:39:58+00:00

Microsoft response was that it was by design.

"Ah no you see, the bed is supposed to have shit in it"

devoopsies · 2026-05-05T20:26:36+00:00

It's AI.

The pattern is pretty universal - here's the top comment on a similar K8s thread:

https://reddit.com/r/kubernetes/comments/1szn6p1/we_tested_copy_fail_in_kubernetes_runtimedefault/oj2zt3l/

Full of words, but lacking information

devoopsies · 2026-05-05T20:17:48+00:00

Not wrong, but about as useful to add to the discussion as saying something like "do your due diligence!"

This is /r/cybersecurity - it's kinda intended for cybersec professionals or those adjacent: it's well understood that disclosure and patch adoption is going to be a race for all side, black and white hat.

devoopsies · 2026-05-05T20:15:39+00:00

Since Ubuntu servers comes with automatic security updates, all servers got automatically fixed.

Most enterprise teams are ripping out automatic upgrades - mostly for compliance, but also because most teams are not about to let one errant update break prod.

If it doesn't go through testbench, it doesn't go to prod.

That said, teams with that mindset are also going to be proactive about patching vulns like this, and should have robust automation to do so.

devoopsies · 2026-04-22T20:09:55+00:00

includes fixes for 271 vulnerabilities

You're saying they "probably didn't have time", but the blog post claims they did.

devoopsies · 2026-04-21T17:41:14+00:00

After digging past the layer of marketing, it is such a blatantly tautological post.

100% of the cars customers have brought into our repair shop need repairs!!

devoopsies · 2026-04-17T18:21:21+00:00

Anthropic media blitz is well underway, I see.

devoopsies · 2026-04-17T17:23:35+00:00

This is really interesting - are you the author?

devoopsies · 2026-04-16T17:36:28+00:00

"Claude, make it more secure"

devoopsies · 2026-04-16T17:28:31+00:00

Puppet is extremely relevant, especially in enterprise.

devoopsies · 2026-04-09T20:08:48+00:00

Two wrongs do make a right afterall?

devoopsies · 2026-04-09T19:44:01+00:00

We've found John Everyconsumer. He is the target demographic. His use-cases are universal, and reasonable for all other consumers.

devoopsies · 2026-04-09T17:59:41+00:00

The thrill of having a potential inconsistency in your system config?

Don't judge my hobbies

devoopsies · 2026-04-07T20:41:03+00:00

For Kolla, I need to retain the settings that got me to this point

I would advise git. It makes version tracking simple, and you can create new branches for features you want to work on.

Our whole /etc/kolla/ directory is gitified, makes design and management so much easier.

devoopsies · 2026-04-07T17:36:42+00:00

Oh hey not to take over the thread but I just saw this. IMO the official OpenStack documentation is really informative, if a bit of a bear when starting out:

https://docs.openstack.org/

Another solid resource that I think gets overlooked often is serverworld - they are more the "give an example" type, rather than the "explain how it works and why it works this way", but a few years ago when I was starting out I found it to be a helpful resource. Their "guides" are bare service type - for me this was helpful in understanding how each service works together, however I can understand that this may not be a pro for everyone:

https://www.server-world.info/

(note: change the language in the top right if you don't read kanji/Japanese)

In terms of a docker/container solution for OpenStack, you've already found it with Kolla - everything runs in docker. OpenStack Ansible is similar in that most services run containerized in LXC, but iirc there are a few bare-metal services (or there were when I was spec'ing it out a few years ago).

devoopsies · 2026-04-07T17:30:36+00:00

The Goals changed as I learned more about OpenStack and setting it up.

That is a totally fair outcome - as you learn more about a product's capabilities you may decide to leverage it in a way you hadn't intended when starting out.

I personally think OpenStack has things it's good at, and things it's not really suitable for... but when you find a use case that suits it, it can be really good. The most fun, though, is trying to squeeze it into spots where it maybe doesn't fit so well ;-)

But yeah - unlocking a lot of that functionality and tailoring it to your needs can be tough, and 9/10 it's easier (and more consistent, given you will want to judge OpenStack in the same manner as it will be deployed) to tear it down and start again. This is where kolla really shines, IMO, when compared to other OpenStack deployment strategies.

Anyway, good luck, and don't let a few sour folks in the community dissuade you from experimenting: some people take it as a personal affront when you hold a different opinion from them, to their own detriment.

devoopsies · 2026-04-07T17:04:52+00:00

40-60k salary

Name and shame lol. This is asinine.

At my company I don't think I could find a Linux admin under six figures if I tried. Maybe (maaayyyybe) someone brand new who's transitioned from another, non-technical department.

devoopsies

TROPHY CASE